Chief Security Officer Deputy
Americas
Ivanti
Ivanti finds, heals and protects every device, everywhere – automatically – so employees can work better from anywhere.Position Title: Chief Security Officer Deputy
General Purpose: The Chief Security Officer Deputy is responsible for the organization's Security Programs as directed by the CSO including but not limited to daily operations of the IT security program, oversight of the annual and ongoing risk assessment process, development, implementation, and maintenance of policies and procedures, ensuring the confidentiality, integrity and access of electronic protected information and of monitoring program compliance as well as investigation and tracking of incidents and breaches and in compliance with federal and state laws.
Responsibilities:
- Assist in building a strategic and comprehensive information security program that defines, develops, maintains, and implements policies and processes that enable consistent, effective information security practices which minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled, and processed within the organization.
- Actively participate in activities that facilitate and promote a culture of cyber security within the origination that drive security awareness and behavioral changes for the business.
- Assist with the design and development of business-appropriate security controls, implemented defense-in-depth and demonstrating strong decision making for implemented people, process, and technology controls.
- Ensure that the disaster recovery, business continuity, risk management requirements of the business are addressed.
- Collaborates with Ivanti’s General Counsel, Data Protection Officer, and key business leadership to establish governance for the security program.
- Works closely with the DPO to ensure alignment between security and privacy compliance programs including policies, practices, and investigations, and acts as a liaison to the information systems and compliance departments.
- Is responsible for participating in periodic information security risk assessment/analysis, mitigation, and remediation. Responsible for development and implementation of security risk management plan as directed by the CSO.
- Assist the CSO with developing security governance, policy, and strategy that is consistent with the business objectives and threat landscape.
- Participates in the development, implementation, and ongoing compliance monitoring of all BA's and business associate agreements, to ensure security concerns, requirements, and responsibilities are addressed.
- Establishes and administers a process for investigating and acting on security incidents which may result in a privacy breach breaches.
- Partners with Human Resources and DPO to ensure consistent sanctions for security violations
- Maintains current knowledge of applicable federal and state security laws, licensing and certification requirements and accreditation standards.
- Serves as information security consultant to all departments for all data security related issues.
- Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessary.
- Meet with customers to understand their security needs and clearly communication our security posture and controls with them.
- Assist with the personal and professional development of Information Security Personnel.
Qualifications:
- Minimum baccalaureate degree in Information Systems or a related Cyber Security related field.
- Strong understanding of the threat landscape, including how security controls combat specific threats.
- Knowledge and experience in US federal, US State, and international information security and privacy laws and regulations, including but not limited to HIPAA, PCI, GDPR, CCPA, BSIG, etc.
- Knowledge and experience in working with common security frameworks, including NIST, CIS, SOC 2, ISO 27001/2, CSF, etc.
- Experience in working with external certifying auditors.
- Industry certifications such as CISSP and CISA, preferred.
- Demonstrated strong verbal and written communication skills for communicating with both highly technical team members and business stakeholders.
- Demonstrated organization, facilitation, written and oral communication, and presentation skills.
- A high level of integrity and trust.
Tags: CCPA CISA CISSP Compliance GDPR Governance HIPAA ISO 27001 Monitoring NIST Privacy Risk assessment Risk management SOC 2 Strategy Vulnerabilities
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs